Client side password management

[frikkasoft]

Hi all

I will be writing a client GUI application in Qt which will be used at different organizations around around the world. This GUI needs to connect to our own SQL server which stores all business data.

Users of this GUI can either login as superusers (whom can add other users and do administrative taksk) or login as normal users which have more restriced access.

I am thinking what is the best way to handle user authentication on the client side, I don't want to hard code the connection (username/password) information into the client executable, but I also dont want to store an unencrypted password on the client side either.

I was thinking that maybe the best and easiest way was to create two database roles, one superuser_role, and one normal_role. When a new organzation wants to use this application, we (ourselves) will manually create a database user with the superuser_role. Then the organization can login using that user and inside the GUI they can add any number of normal users, which can then use the application.

Does this seem reasonable approach to handle user management on the client side? Has someone here done anything similar?

[Lesiok]

Simply store encrypted logins and passwords using standard QSettings. First login and password for superuser You can can create on installation process or on first run of application.

[patrik08]

Write first a small Autetifications - Server like
cd %QTDIR%/examples/network/fortuneserver on port 8080 any organizations other server.

Or a remote php file form POST or SOA

If sender user/pass/organizations is one table server or php file resend the SQL read or write connection params, encripted by own function.

if client having the correct params and access-level it can admin or redonly SQL data.